package com.gupao.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

@RestController
@RequestMapping("/openapi")
public class OpenapiController {
//	private static final Logger log = LoggerFactory.getLogger(OpenapiController.class);
	
	@GetMapping("/order/{id}")
	public ModelAndView getOrder(@PathVariable String id,@RequestParam("code") String code) throws Exception {
		System.out.println("go to the home page!");
		ModelAndView mode = new ModelAndView();
		mode.addObject("name", id);
		mode.setViewName("index");
		return mode;
	}
	
	@GetMapping("/product/{id}")
	@PreAuthorize("@pms.hasPermission('openapi_product_id')")
	public String getProduct(@PathVariable String id) throws Exception {
		return "Product info:"+id;
	}
	
}
